<?PHP
/* $Id: isAlt.php 7 2009-03-24 20:25:52Z ronan $ */

session_start();
//getting the user's access to see if they are allowed
include("includes/paxsql.php");
mysql_close();

include 'includes/database.php';
include 'includes/qualityq.php';

function listMains() {
	$altOf = addslashes($_POST['altOf']);
	$charID = addslashes($_POST['charID']);
	$query = "SELECT characters.charID, characters.name FROM characters LEFT JOIN alts
		ON characters.charID = alts.charID WHERE
		characters.name LIKE '%{$altOf}%'
		AND characters.charID != '{$charID}'
		AND alts.charID IS NULL
		AND characters.inCorp = 1
		ORDER BY name";
	$results = mysql_query($query);
	
	if (mysql_num_rows($results) == 0)
		echo "<div class=\"divBlank\" style=\"padding-left: 30px;\">No characters found.</div>";
	
	else {
		while ($char = mysql_fetch_array($results)) {
			echo "<div class=\"divBlank\" style=\"padding-left: 30px;\">
				<a href=\"?charID={$_POST['charID']}&altOf={$char['charID']}\">{$char['name']}</a></div>";
		}
	}
}

function addAlt($charID, $altOf, $charName, $altName) {
	if($charName == true && $altName == true)
		query($_SESSION['userid'],"set ".addslashes($altName)." as an alt of ".addslashes($charName));
	$query = "INSERT INTO alts (charID, altOf) VALUES ($charID, $altOf)";
	$result = mysql_query($query);
	
	if ($result) header('Location: http://'.$_SERVER['HTTP_HOST'].'/index.php');
}

function delAlt($charID, $altOf, $charName, $altName) {
	query($_SESSION['userid'],"unset ".addslashes($altName)." as an alt of ".addslashes($charName));
	$query = "DELETE FROM alts WHERE charID = '{$charID}' AND altOf = '{$altOf}'";
	$result = mysql_query($query);
	
	if ($result) header('Location: http://'.$_SERVER['HTTP_HOST'].'/index.php');
}

if($access > 1)
{
	$altOf = addslashes($_GET['altOf']);
	$charID = addslashes($_GET['charID']);
	$result = mysql_query("SELECT name FROM characters WHERE charID = '".$altOf."'") or die(mysql_error());
	$row = mysql_fetch_array($result);
	$charName = $row['name'];
	$result = mysql_query("SELECT name FROM characters WHERE charID = '".$charID."'") or die(mysql_error());
	$row = mysql_fetch_array($result);
	$altName = $row['name'];

	if (isset($charID) && isset($altOf) && $_GET['del'] == 1)
		delAlt($charID, $altOf, $charName, $altName);
	elseif (isset($charID) && isset($altOf))
		addAlt($charID, $altOf, $charName, $altName);

echo("
<html>
<head>
<link rel='stylesheet' type='text/css' href='main.css'>
<title>snowflake</title>");

include('includes/javascript.php');

echo("</head>

<body>

<div id='isAltWin' style='display: none;'></div>
<div id='flagWin' style='display: none;'></div>

<div id='wrapper'>

	<div id='header'><a href='/'>snowflake</a></div>

	<div id='navi'>");
	
include('includes/navi.php');

echo("</div>

	<div id='main'>
		<h1>list of matching mains</h1>
		<hr>
		<h3>".stripslashes($_POST['name'])." is an alt of... ".stripslashes($_POST['altOf'])."</h3>");

listMains();

echo("
		<br>
		<a href='#' onClick='history.go(-1)'>Back</a>
	</div>
	
</div>

</body>

</html>");
}
//they do not belong here, they get the boot
else
{
	header("Location: http://".$_SERVER['HTTP_HOST']."/index.php");
}
?>
